firstname.lastname@example.org Posted March 15, 2005 Share Posted March 15, 2005 Lately, I've been concerned about the number of spams that slip past SpamCop (as opposed to being held for my review). Yesterday, within a 24-hr period, 192 spams reached my Inbox (that's AFTER passing through the SpamCop filters). I looked a little closer, and was puzzled by the fact that some of the spam that got caught and held appeared to be very similar to spam that was being forwarded. Here are some examples of what I'm talking about: These emails were caught by SpamCop, and held for my review. I forwarded them to my submit address (i.e., NOT Quick Reported): 1) Subject: Re: [66:HHY]-Meddications http://www.spamcop.net/sc?id=z742090570z0a...292d0c8774e7e5z 2) Subject: Re: [15:WCJ]-Medicattions http://www.spamcop.net/sc?id=z742090572z4e...9c182e99d360d4z 3) Subject: Re: [73:TVO]-Medicattions http://www.spamcop.net/sc?id=z742090573z05...9d8d458ca3dad7z The following 3 emails were NOT caught by SpamCop and ended up in my Inbox. I also forwarded these to my submit address: 4) Subject: Re: [91:CKY]-Mediccations http://www.spamcop.net/sc?id=z742096268zdd...574e73bbd00d69z 5) Subject: Re: KF94[Meddications] http://www.spamcop.net/sc?id=z742096271z08...4d2d76e64b6ad3z 6) Subject: Re: -QM:52-Medicationns http://www.spamcop.net/sc?id=z742096273z41...26cc112482e9eaz Note that in all 6 instances, SpamCop was unhappy with the format of my submissions; although it could parse the headers, it thought the body of the email was missing (this problem has already been reported). It seems obvious that all 6 of these spams are from the same source, although they may have taken different routes to get to me. Do the Black Lists ONLY look at the headers? Would it be correct to say that if spam 'A' took route 'A', spam 'B' took route 'B', and only route 'A' uses email servers on one of the Black Lists, that spam 'A' would be held and spam 'B' would sail right through SpamCop? I have received hundreds of spams identical to these 6 over the past couple of weeks, and have reported them, but obviously many still slip through the SpamCop filters. Is SpamAssassin the only filter available at SpamCop that can examine message content? I had it configured at level 5, just changed it to 4 to see if that helps. In looking at the headers for example 6, does the "X-SpamLevel: **" mean I would have to lower my SpamAssassing threshold to 2 in order for it to flag this email as spam? Example 1 also had an X-SpamLevel of '**', so apparently SpamAssassin was not a contributing factor in flagging Ex. 1 as a spam. Any suggestions for how I can reduce the amount of spam still getting through would be appreciated. Thanks! Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.